CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-37927
https://notcve.org/view.php?id=CVE-2023-37927
30 Nov 2023 — The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. La neutralización inadecuada de elementos especiales en el programa CGI del firmware Zyxel NAS326 versión V5.21(AAZF.14)C0 y NAS542 versión V5.21(ABAG.11)C0 podría permitir que un atacante autenticado ejecute alg... • https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35138
https://notcve.org/view.php?id=CVE-2023-35138
30 Nov 2023 — A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. Una vulnerabilidad de inyección de comando en la función “show_zysync_server_contents” de la versión de firmware V5.21(AAZF.14)C0 de Zyxel NAS326 y la versión de firmware NAS542 V5.21(ABAG.11)C0 podría perm... • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35137
https://notcve.org/view.php?id=CVE-2023-35137
30 Nov 2023 — An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device. Una vulnerabilidad de autenticación incorrecta en el módulo de autenticación de la versión de firmware V5.21(AAZF.14)C0 de Zyxel NAS326 y la versión de firmware NAS542 V5.21(ABAG.11)C0 podría permitir que un atacante no auten... • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2023-27992 – Zyxel Multiple NAS Devices Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-27992
19 Jun 2023 — The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request. The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to ... • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-27988
https://notcve.org/view.php?id=CVE-2023-27988
30 May 2023 — The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2020-13365
https://notcve.org/view.php?id=CVE-2020-13365
06 Aug 2020 — Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA31... • https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2020-13364
https://notcve.org/view.php?id=CVE-2020-13364
06 Aug 2020 — A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21... • https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml •
CVSS: 10.0EPSS: 95%CPEs: 54EXPL: 2CVE-2020-9054 – Zyxel Multiple NAS Devices OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-9054
04 Mar 2020 — Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the pr... • https://github.com/darrenmartyn/CVE-2020-9054 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •